Cyber incident response planning has emerged as a key cybersecurity control in reducing the likelihood of a breach-related claim, according to a new report from the Cyber Risk Intelligence Center (CRIC) of Marsh McLennan.
The report found that organisations that regularly engage in tabletop exercises and scenario-based breach response drills are 13% less likely to experience a material cyber event than those that do not.
In 2025, cyber incident response planning ranked as the fourth most effective control in decreasing the probability of a breach-related claim, behind endpoint detection and response (EDR), logging and monitoring, and cybersecurity awareness training and phishing testing.
Tom Reagan, Global Cyber Practice Leader at Marsh, said, “Marsh has long advocated proactive cyber incident response planning as a tool to help organisations effectively and efficiently respond to and recover from a cyberattack.
“What our latest research confirms is that thoughtful planning also drives secondary benefits like positive security behaviours and strong control implementations, which help build more organisational resilience and reduce breach incidents.”
<!–
–>
The report also highlighted the importance of effectively deploying and managing other key cybersecurity controls. It found that each 25% increase in EDR deployment across workstations and laptops was associated with a further 10% reduction in breach likelihood. Similarly, a multi-factor authentication (MFA) deployment resistant to phishing schemes was linked to a 9% lower breach likelihood than MFA that is not.
Scott Stransky, Head of Marsh McLennan’s CRIC, added, “Our findings emphasise that simply deploying key cybersecurity controls is no longer enough—these tools must be properly managed and comprehensively used.
“By drawing on our insights, organisations can make informed decisions to strengthen their security frameworks and help reduce their exposure to cyber risks.”
The post Cyber incident response planning a key control in reducing cyber risk: Marsh appeared first on ReinsuranceNe.ws.
